UBUNTU-CVE-2024-42332
- Source
- https://ubuntu.com/security/CVE-2024-42332
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-42332.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-42332
- Upstream
- Published
- 2024-11-27T12:15:00Z
- Modified
- 2025-10-24T05:11:47Z
- Severity
-
- 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/ubuntu/zabbix@1:2.2.2+dfsg-1ubuntu1+esm5?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:2.*
1:2.0.6+dfsg-1ubuntu2
1:2.2.0+dfsg-1ubuntu1
1:2.2.0+dfsg-6ubuntu1
1:2.2.1+dfsg-1ubuntu3
1:2.2.2+dfsg-1ubuntu1
1:2.2.2+dfsg-1ubuntu1+esm1
1:2.2.2+dfsg-1ubuntu1+esm3
1:2.2.2+dfsg-1ubuntu1+esm4
1:2.2.2+dfsg-1ubuntu1+esm5
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-agent"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-frontend-php"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-java-gateway"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-proxy-mysql"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-proxy-pgsql"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-proxy-sqlite3"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-server-mysql"
},
{
"binary_version": "1:2.2.2+dfsg-1ubuntu1+esm5",
"binary_name": "zabbix-server-pgsql"
}
]
}
Ubuntu:Pro:16.04:LTS / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/ubuntu/zabbix@1:2.4.7+dfsg-2ubuntu2.1+esm4?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:2.*
1:2.4.6+dfsg-1
1:2.4.7+dfsg-1
1:2.4.7+dfsg-2
1:2.4.7+dfsg-2ubuntu2
1:2.4.7+dfsg-2ubuntu2.1
1:2.4.7+dfsg-2ubuntu2.1+esm1
1:2.4.7+dfsg-2ubuntu2.1+esm2
1:2.4.7+dfsg-2ubuntu2.1+esm3
1:2.4.7+dfsg-2ubuntu2.1+esm4
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-agent"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-frontend-php"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-java-gateway"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-proxy-mysql"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-proxy-pgsql"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-proxy-sqlite3"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-server-mysql"
},
{
"binary_version": "1:2.4.7+dfsg-2ubuntu2.1+esm4",
"binary_name": "zabbix-server-pgsql"
}
]
}
Ubuntu:Pro:18.04:LTS / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/ubuntu/zabbix@1:3.0.12+dfsg-1ubuntu0.1~esm4?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:3.*
1:3.0.7+dfsg-3
1:3.0.12+dfsg-1
1:3.0.12+dfsg-1ubuntu0.1~esm1
1:3.0.12+dfsg-1ubuntu0.1~esm2
1:3.0.12+dfsg-1ubuntu0.1~esm3
1:3.0.12+dfsg-1ubuntu0.1~esm4
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-agent"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-frontend-php"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-java-gateway"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-proxy-mysql"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-proxy-pgsql"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-proxy-sqlite3"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-server-mysql"
},
{
"binary_version": "1:3.0.12+dfsg-1ubuntu0.1~esm4",
"binary_name": "zabbix-server-pgsql"
}
]
}
Ubuntu:Pro:20.04:LTS / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/ubuntu/zabbix@1:4.0.17+dfsg-1ubuntu0.1~esm2?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:4.*
1:4.0.4+dfsg-1build2
1:4.0.4+dfsg-1build3
1:4.0.11+dfsg-1
1:4.0.14+dfsg-1
1:4.0.15+dfsg-1
1:4.0.16+dfsg-1
1:4.0.16+dfsg-1build1
1:4.0.17+dfsg-1
1:4.0.17+dfsg-1ubuntu0.1~esm1
1:4.0.17+dfsg-1ubuntu0.1~esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-agent"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-frontend-php"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-java-gateway"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-proxy-mysql"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-proxy-pgsql"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-proxy-sqlite3"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-server-mysql"
},
{
"binary_version": "1:4.0.17+dfsg-1ubuntu0.1~esm2",
"binary_name": "zabbix-server-pgsql"
}
]
}
Ubuntu:Pro:22.04:LTS / zabbix
Package
- Name
- zabbix
- Purl
- pkg:deb/ubuntu/zabbix@1:5.0.17+dfsg-1ubuntu0.1~esm1?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:5.*
1:5.0.8+dfsg-1build1
1:5.0.14+dfsg-1
1:5.0.17+dfsg-1
1:5.0.17+dfsg-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-agent"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-frontend-php"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-java-gateway"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-proxy-mysql"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-proxy-pgsql"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-proxy-sqlite3"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-server-mysql"
},
{
"binary_version": "1:5.0.17+dfsg-1ubuntu0.1~esm1",
"binary_name": "zabbix-server-pgsql"
}
]
}